Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Webpack dev-server fails to run with node 17.0.1+ #179

Open
felixfaire opened this issue Dec 26, 2021 · 1 comment
Open

Webpack dev-server fails to run with node 17.0.1+ #179

felixfaire opened this issue Dec 26, 2021 · 1 comment
Labels
bug Something isn't working

Comments

@felixfaire
Copy link

This is a webpack 4 bug that is described here (second answer seems the most relevant). This issue is supposedly resolved in webpack 5.61.0+.

Steps to Reproduce

  1. Run the template (npm run start) with node 17.0.1 or higher installed

Expected Behavior

Template runs devserver without issue

Actual Behavior

This error causes the dev server to fail:

Error: digital envelope routines::unsupported

opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
library: 'digital envelope routines',
reason: 'unsupported',
code: 'ERR_OSSL_EVP_UNSUPPORTED'

It appears this could be fixed by updating webpack to 5.61.0 or by enabling the --openssl-legacy-provider argument. Or at least making a note in the readme that the template will not work on node versions higher that 17.0.1.
@felixfaire felixfaire added the bug Something isn't working label Dec 26, 2021
@denis-sh
Copy link

This is what happened here:

Detailed history

Starting from Node.js 17.0.0 (released 2021-10-19) md4 hash is disabled in crypto by default because it's considered insecure.

Specifically, this code will fail with ERR_OSSL_EVP_UNSUPPORTED error code on Node.js 17+:

node -p "crypto.createHash('md4')"

It caused massive disruption as a lot of projects used crypto to compute md4 hash, see nodejs/node#40455 (opened 2021-10-14).

webpack project opened related issue webpack/webpack#14532 (opened 2021-10-19). NODE_OPTIONS=--openssl-legacy-provider workaround was immediately proposed. Then 2021-10-20 another workaround was proposed for webpack 5. The proposed solution was to use hashFunction: "xxhash64" added in webpack v5.54.0 (released 2021-09-24).

Note: Today one can't easily run webpack v5.54.0 on Node.js 17 because it lacks (at least) constants named export in node:fs/promises required by open package, so at least Node.js 18+ is needed. Node.js 17 end-of-life was 2022-06-01, so it's expected.

Later, 10 days after Node.js 17 release, webpack v5.61.0 (released 2021-10-29) added custom md4 hash in webpack/webpack#14584 thus becoming compatible with all latest Node.js versions.

md4 hash fix was backported to webpack v4.47.0 (released 2023-09-06, almost 2 years after Node.js 17 release) in webpack/webpack#17628, but because Node.js 17 already reached end-of-life, custom md4 hash was only used starting from Node.js 18 (see relevant diff).

TL;DR

Node.js 18+ is supported by webpack v4.47.0 (released 2023-09-06, latest webpack 4 version as of 2025-02-14) and webpack v5.61.0+ (released 2021-10-29). Node.js 17 is not supported because it reached end-of-life 2022-06-01.

This was referenced Feb 14, 2025
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@denis-sh @felixfaire